<!DOCTYPE html>
<html lang="en-US">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
    <title>Nginx配置HTTPS/安装SSL证书 | 个人技术的分享</title>
    <meta name="description" content="">
    <meta name="generator" content="VuePress 1.9.7">
    <link rel="icon" href="/logo.ico">
    <link rel="manifest" href="/manifest.json">
    <link rel="apple-touch-icon" href="/logo.png">
    <link rel="stylesheet" href="/styles/iconfont.css">
    <meta name="description" content="切图仔、CV/API工程师。">
    <link rel="preload" href="/assets/css/0.styles.bab1657c.css" as="style"><link rel="preload" href="/assets/js/app.dfe2ff49.js" as="script"><link rel="preload" href="/assets/js/3.bd810dc8.js" as="script"><link rel="preload" href="/assets/js/4.7eb6bf85.js" as="script"><link rel="preload" href="/assets/js/101.6d8bb072.js" as="script"><link rel="prefetch" href="/assets/js/10.9314e6e2.js"><link rel="prefetch" href="/assets/js/100.aff7ce2a.js"><link rel="prefetch" href="/assets/js/102.ab4c6afe.js"><link rel="prefetch" href="/assets/js/103.f613c5b8.js"><link rel="prefetch" href="/assets/js/104.3cd8f787.js"><link rel="prefetch" href="/assets/js/105.ddd67c67.js"><link rel="prefetch" href="/assets/js/106.bf26ab7e.js"><link rel="prefetch" href="/assets/js/107.2a6632ce.js"><link rel="prefetch" href="/assets/js/108.5885d4d6.js"><link rel="prefetch" href="/assets/js/109.22628ed2.js"><link rel="prefetch" href="/assets/js/11.67c23384.js"><link rel="prefetch" href="/assets/js/110.8dcf645b.js"><link rel="prefetch" href="/assets/js/111.a75b4e6d.js"><link rel="prefetch" href="/assets/js/112.762ffa1c.js"><link rel="prefetch" href="/assets/js/113.c5b41064.js"><link rel="prefetch" href="/assets/js/114.34ec817a.js"><link rel="prefetch" href="/assets/js/115.5f0aa55b.js"><link rel="prefetch" href="/assets/js/116.698defdd.js"><link rel="prefetch" href="/assets/js/117.bb7bcca3.js"><link rel="prefetch" href="/assets/js/118.2d66657c.js"><link rel="prefetch" href="/assets/js/119.8a262cdd.js"><link rel="prefetch" href="/assets/js/12.bb124c65.js"><link rel="prefetch" href="/assets/js/120.3c491dee.js"><link rel="prefetch" href="/assets/js/121.3505af80.js"><link rel="prefetch" href="/assets/js/122.04e9a7cf.js"><link rel="prefetch" href="/assets/js/123.4e17d778.js"><link rel="prefetch" href="/assets/js/124.13b04833.js"><link rel="prefetch" href="/assets/js/125.bd0012a2.js"><link rel="prefetch" href="/assets/js/126.99cc4ec3.js"><link rel="prefetch" href="/assets/js/127.b5a83745.js"><link rel="prefetch" href="/assets/js/128.56b40a89.js"><link rel="prefetch" href="/assets/js/129.1489ad27.js"><link rel="prefetch" href="/assets/js/13.1e4b99c7.js"><link rel="prefetch" href="/assets/js/130.c64a96a8.js"><link rel="prefetch" href="/assets/js/131.7dbeedc5.js"><link rel="prefetch" href="/assets/js/132.c11a3a90.js"><link rel="prefetch" href="/assets/js/133.c02b1035.js"><link rel="prefetch" href="/assets/js/134.27e97bf6.js"><link rel="prefetch" href="/assets/js/135.5cf1ffcb.js"><link rel="prefetch" href="/assets/js/136.732866b5.js"><link rel="prefetch" href="/assets/js/137.71150c2b.js"><link rel="prefetch" href="/assets/js/138.6edc5f97.js"><link rel="prefetch" href="/assets/js/139.7dc5785a.js"><link rel="prefetch" href="/assets/js/14.230d6df1.js"><link rel="prefetch" href="/assets/js/140.df409b41.js"><link rel="prefetch" href="/assets/js/141.23e4a662.js"><link rel="prefetch" href="/assets/js/15.fbe6b5b2.js"><link rel="prefetch" href="/assets/js/16.72f3903d.js"><link rel="prefetch" href="/assets/js/17.667ac210.js"><link rel="prefetch" href="/assets/js/18.9b60328e.js"><link rel="prefetch" href="/assets/js/19.d1bb7ffd.js"><link rel="prefetch" href="/assets/js/20.4bf72a89.js"><link rel="prefetch" href="/assets/js/21.d62b0bbb.js"><link rel="prefetch" href="/assets/js/22.c15b497e.js"><link rel="prefetch" href="/assets/js/23.583da9a1.js"><link rel="prefetch" href="/assets/js/24.59df73ca.js"><link rel="prefetch" href="/assets/js/25.ae681969.js"><link rel="prefetch" href="/assets/js/26.4652101c.js"><link rel="prefetch" href="/assets/js/27.4f2c4857.js"><link rel="prefetch" href="/assets/js/28.cd131e05.js"><link rel="prefetch" href="/assets/js/29.3d4a8ee1.js"><link rel="prefetch" href="/assets/js/30.bc6d42d1.js"><link rel="prefetch" href="/assets/js/31.2c405117.js"><link rel="prefetch" href="/assets/js/32.0ceecc6e.js"><link rel="prefetch" href="/assets/js/33.12a93636.js"><link rel="prefetch" href="/assets/js/34.f4994641.js"><link rel="prefetch" href="/assets/js/35.926aff5c.js"><link rel="prefetch" href="/assets/js/36.1850fac0.js"><link rel="prefetch" href="/assets/js/37.7990b07f.js"><link rel="prefetch" href="/assets/js/38.0c59d91b.js"><link rel="prefetch" href="/assets/js/39.f5ad73cc.js"><link rel="prefetch" href="/assets/js/40.9853630f.js"><link rel="prefetch" href="/assets/js/41.ee8f051d.js"><link rel="prefetch" href="/assets/js/42.03d761cf.js"><link rel="prefetch" href="/assets/js/43.6f6c7421.js"><link rel="prefetch" href="/assets/js/44.47e28062.js"><link rel="prefetch" href="/assets/js/45.af48f901.js"><link rel="prefetch" href="/assets/js/46.c2ef1108.js"><link rel="prefetch" href="/assets/js/47.3b754edd.js"><link rel="prefetch" href="/assets/js/48.41fd0e4b.js"><link rel="prefetch" href="/assets/js/49.fa8bb2d6.js"><link rel="prefetch" href="/assets/js/5.9554ffdf.js"><link rel="prefetch" href="/assets/js/50.470960b6.js"><link rel="prefetch" href="/assets/js/51.f641e205.js"><link rel="prefetch" href="/assets/js/52.292aa625.js"><link rel="prefetch" href="/assets/js/53.06feb6d0.js"><link rel="prefetch" href="/assets/js/54.bd22026a.js"><link rel="prefetch" href="/assets/js/55.ea51cd92.js"><link rel="prefetch" href="/assets/js/56.f909fe9f.js"><link rel="prefetch" href="/assets/js/57.02f3b546.js"><link rel="prefetch" href="/assets/js/58.70a7433b.js"><link rel="prefetch" href="/assets/js/59.c0fc6ad7.js"><link rel="prefetch" href="/assets/js/6.32562f11.js"><link rel="prefetch" href="/assets/js/60.6e2b4c40.js"><link rel="prefetch" href="/assets/js/61.a52a09ff.js"><link rel="prefetch" href="/assets/js/62.27ccbcf9.js"><link rel="prefetch" href="/assets/js/63.8a96fdd6.js"><link rel="prefetch" href="/assets/js/64.4c572d6a.js"><link rel="prefetch" href="/assets/js/65.b1d5b340.js"><link rel="prefetch" href="/assets/js/66.7107370e.js"><link rel="prefetch" href="/assets/js/67.666b4292.js"><link rel="prefetch" href="/assets/js/68.8c3bd9eb.js"><link rel="prefetch" href="/assets/js/69.4c5cd008.js"><link rel="prefetch" href="/assets/js/7.84c0fac9.js"><link rel="prefetch" href="/assets/js/70.c219a726.js"><link rel="prefetch" href="/assets/js/71.a952c191.js"><link rel="prefetch" href="/assets/js/72.b1635d94.js"><link rel="prefetch" href="/assets/js/73.c828f2de.js"><link rel="prefetch" href="/assets/js/74.29555c6a.js"><link rel="prefetch" href="/assets/js/75.ddd32435.js"><link rel="prefetch" href="/assets/js/76.33b11087.js"><link rel="prefetch" href="/assets/js/77.1992b55d.js"><link rel="prefetch" href="/assets/js/78.6e4af851.js"><link rel="prefetch" href="/assets/js/79.0c6e5357.js"><link rel="prefetch" href="/assets/js/8.b775bc4d.js"><link rel="prefetch" href="/assets/js/80.a2494e79.js"><link rel="prefetch" href="/assets/js/81.ba3634f7.js"><link rel="prefetch" href="/assets/js/82.bf7c34dc.js"><link rel="prefetch" href="/assets/js/83.a424781a.js"><link rel="prefetch" href="/assets/js/84.1024c1e9.js"><link rel="prefetch" href="/assets/js/85.75a55948.js"><link rel="prefetch" href="/assets/js/86.f957a19e.js"><link rel="prefetch" href="/assets/js/87.0d718ad6.js"><link rel="prefetch" href="/assets/js/88.f17614e7.js"><link rel="prefetch" href="/assets/js/89.354fe35d.js"><link rel="prefetch" href="/assets/js/9.8eda8208.js"><link rel="prefetch" href="/assets/js/90.6dd96ee4.js"><link rel="prefetch" href="/assets/js/91.136af10e.js"><link rel="prefetch" href="/assets/js/92.a9c072ce.js"><link rel="prefetch" href="/assets/js/93.c52cc17a.js"><link rel="prefetch" href="/assets/js/94.03f26b32.js"><link rel="prefetch" href="/assets/js/95.2d937101.js"><link rel="prefetch" href="/assets/js/96.b93eee83.js"><link rel="prefetch" href="/assets/js/97.075388e9.js"><link rel="prefetch" href="/assets/js/98.297b61d9.js"><link rel="prefetch" href="/assets/js/99.df97102a.js"><link rel="prefetch" href="/assets/js/vendors~docsearch.2e6ea98f.js">
    <link rel="stylesheet" href="/assets/css/0.styles.bab1657c.css">
  </head>
  <body>
    <div id="app" data-server-rendered="true"><div class="theme-container"><header class="navbar"><div class="ant-row"><div class="sidebar-button"><i aria-label="图标: bars" class="anticon anticon-bars"><svg viewBox="0 0 1024 1024" focusable="false" data-icon="bars" width="1em" height="1em" fill="currentColor" aria-hidden="true"><path d="M912 192H328c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8h584c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8zm0 284H328c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8h584c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8zm0 284H328c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8h584c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8zM104 228a56 56 0 1 0 112 0 56 56 0 1 0-112 0zm0 284a56 56 0 1 0 112 0 56 56 0 1 0-112 0zm0 284a56 56 0 1 0 112 0 56 56 0 1 0-112 0z"></path></svg></i> <span></span></div> <div class="ant-col ant-col-xs-24 ant-col-sm-24 ant-col-md-6 ant-col-lg-5 ant-col-xl-5 ant-col-xxl-4"><a href="/" class="router-link-active home-link"><img src="/logo.png" alt="个人技术的分享" class="logo"> <span class="site-name">个人技术的分享</span></a> <div class="search-box mobile-search"><input aria-label="Search" autocomplete="off" spellcheck="false" value=""> <!----></div></div> <div class="ant-col ant-col-xs-0 ant-col-sm-0 ant-col-md-18 ant-col-lg-19 ant-col-xl-19 ant-col-xxl-20"><div class="search-box"><input aria-label="Search" autocomplete="off" spellcheck="false" value=""> <!----></div> <nav class="nav-links can-hide"><ul role="menu" id="nav" class="ant-menu ant-menu-horizontal ant-menu-root ant-menu-light"><li role="menuitem" class="ant-menu-submenu ant-menu-submenu-horizontal ant-menu-overflowed-submenu" style="display:none;"><div aria-haspopup="true" class="ant-menu-submenu-title"><span>···</span><i class="ant-menu-submenu-arrow"></i></div></li><li role="menuitem" class="ant-menu-item"><a href="/" class="router-link-active">
          首页
        </a></li><li role="menuitem" class="ant-menu-submenu ant-menu-submenu-horizontal ant-menu-overflowed-submenu" style="display:none;"><div aria-haspopup="true" class="ant-menu-submenu-title"><span>···</span><i class="ant-menu-submenu-arrow"></i></div></li><li role="menuitem" class="ant-menu-submenu ant-menu-submenu-horizontal"><div aria-haspopup="true" class="ant-menu-submenu-title"><span>
          博文
        </span><i class="ant-menu-submenu-arrow"></i></div></li><li role="menuitem" class="ant-menu-submenu ant-menu-submenu-horizontal ant-menu-overflowed-submenu" style="display:none;"><div aria-haspopup="true" class="ant-menu-submenu-title"><span>···</span><i class="ant-menu-submenu-arrow"></i></div></li><li role="menuitem" class="ant-menu-item"><a href="/blog/leetcode/">
          LeetCode
        </a></li><li role="menuitem" class="ant-menu-submenu ant-menu-submenu-horizontal ant-menu-overflowed-submenu" style="display:none;"><div aria-haspopup="true" class="ant-menu-submenu-title"><span>···</span><i class="ant-menu-submenu-arrow"></i></div></li><li role="menuitem" class="ant-menu-item"><a href="/thoughts/">
          随想
        </a></li><li role="menuitem" class="ant-menu-submenu ant-menu-submenu-horizontal ant-menu-overflowed-submenu" style="visibility:hidden;position:absolute;"><div aria-haspopup="true" class="ant-menu-submenu-title"><span>···</span><i class="ant-menu-submenu-arrow"></i></div></li></ul> <!----></nav></div></div> <!----></header> <aside class="sidebar"><!----> <ul class="sidebar-links"><li><a href="/blog/other/" aria-current="page" title="快速导航" class="sidebar-link">快速导航</a></li><li><section class="sidebar-group collapsable depth-0"><p class="sidebar-heading"><span>系统环境相关</span> <span class="arrow right"><i aria-label="图标: down" class="anticon anticon-down"><svg viewBox="64 64 896 896" focusable="false" data-icon="down" width="1em" height="1em" fill="currentColor" aria-hidden="true"><path d="M884 256h-75c-5.1 0-9.9 2.5-12.9 6.6L512 654.2 227.9 262.6c-3-4.1-7.8-6.6-12.9-6.6h-75c-6.5 0-10.3 7.4-6.5 12.7l352.6 486.1c12.8 17.6 39 17.6 51.7 0l352.6-486.1c3.9-5.3.1-12.7-6.4-12.7z"></path></svg></i></span></p> <!----></section></li><li><section class="sidebar-group collapsable depth-0"><p class="sidebar-heading"><span>开发工具相关</span> <span class="arrow right"><i aria-label="图标: down" class="anticon anticon-down"><svg viewBox="64 64 896 896" focusable="false" data-icon="down" width="1em" height="1em" fill="currentColor" aria-hidden="true"><path d="M884 256h-75c-5.1 0-9.9 2.5-12.9 6.6L512 654.2 227.9 262.6c-3-4.1-7.8-6.6-12.9-6.6h-75c-6.5 0-10.3 7.4-6.5 12.7l352.6 486.1c12.8 17.6 39 17.6 51.7 0l352.6-486.1c3.9-5.3.1-12.7-6.4-12.7z"></path></svg></i></span></p> <!----></section></li><li><section class="sidebar-group collapsable depth-0"><p class="sidebar-heading open"><span>部署相关</span> <span class="arrow down"><i aria-label="图标: down" class="anticon anticon-down"><svg viewBox="64 64 896 896" focusable="false" data-icon="down" width="1em" height="1em" fill="currentColor" aria-hidden="true"><path d="M884 256h-75c-5.1 0-9.9 2.5-12.9 6.6L512 654.2 227.9 262.6c-3-4.1-7.8-6.6-12.9-6.6h-75c-6.5 0-10.3 7.4-6.5 12.7l352.6 486.1c12.8 17.6 39 17.6 51.7 0l352.6-486.1c3.9-5.3.1-12.7-6.4-12.7z"></path></svg></i></span></p> <ul class="sidebar-links sidebar-group-items"><li><a href="/blog/other/aboutdeploy/sub-domain-deploy.html" title="Nginx二级域名部署实践" class="sidebar-link">Nginx二级域名部署实践</a></li><li><a href="/blog/other/aboutdeploy/sub-directory-deploy.html" title="Nginx部署React项目至服务器二级目录实践" class="sidebar-link">Nginx部署React项目至服务器二级目录实践</a></li><li><a href="/blog/other/aboutdeploy/nginx-proxy-resource.html" title="使用Nginx代理访问图片等资源" class="sidebar-link">使用Nginx代理访问图片等资源</a></li><li><a href="/blog/other/aboutdeploy/nginx-config-https.html" aria-current="page" title="Nginx配置HTTPS/安装SSL证书" class="active sidebar-link">Nginx配置HTTPS/安装SSL证书</a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a href="/blog/other/aboutdeploy/nginx-config-https.html#一、http与https" title="一、HTTP与HTTPS" class="sidebar-link">一、HTTP与HTTPS</a></li><li class="sidebar-sub-header"><a href="/blog/other/aboutdeploy/nginx-config-https.html#二、申请ssl-tls证书" title="二、申请SSL/TLS证书" class="sidebar-link">二、申请SSL/TLS证书</a></li><li class="sidebar-sub-header"><a href="/blog/other/aboutdeploy/nginx-config-https.html#三、配置nginx" title="三、配置Nginx" class="sidebar-link">三、配置Nginx</a></li><li class="sidebar-sub-header"><a href="/blog/other/aboutdeploy/nginx-config-https.html#四、解决问题" title="四、解决问题" class="sidebar-link">四、解决问题</a></li><li class="sidebar-sub-header"><a href="/blog/other/aboutdeploy/nginx-config-https.html#五、参考资料" title="五、参考资料" class="sidebar-link">五、参考资料</a></li></ul></li><li><a href="/blog/other/aboutdeploy/auto-deploy-nodejs.html" title="Node.js + GitHub Webhooks实现自动化部署" class="sidebar-link">Node.js + GitHub Webhooks实现自动化部署</a></li><li><a href="/blog/other/aboutdeploy/nginx-deploy-for-centos.html" title="Nginx部署笔记-CentOS" class="sidebar-link">Nginx部署笔记-CentOS</a></li><li><a href="/blog/other/aboutdeploy/nginx-error-summary-2.html" title="Nginx部署笔记-常见错误总结（2）" class="sidebar-link">Nginx部署笔记-常见错误总结（2）</a></li><li><a href="/blog/other/aboutdeploy/nginx-error-summary-1.html" title="Nginx部署笔记-常见错误总结（1）" class="sidebar-link">Nginx部署笔记-常见错误总结（1）</a></li><li><a href="/blog/other/aboutdeploy/nginx-deploy-summary.html" title="Nginx部署笔记-常用配置总结" class="sidebar-link">Nginx部署笔记-常用配置总结</a></li><li><a href="/blog/other/aboutdeploy/nginx-start.html" title="Nginx部署笔记-Windows（2）开机自启动" class="sidebar-link">Nginx部署笔记-Windows（2）开机自启动</a></li><li><a href="/blog/other/aboutdeploy/nginx-deploy-record.html" title="Nginx部署笔记-Windows（1）" class="sidebar-link">Nginx部署笔记-Windows（1）</a></li></ul></section></li><li><section class="sidebar-group collapsable depth-0"><p class="sidebar-heading"><span>博客相关</span> <span class="arrow right"><i aria-label="图标: down" class="anticon anticon-down"><svg viewBox="64 64 896 896" focusable="false" data-icon="down" width="1em" height="1em" fill="currentColor" aria-hidden="true"><path d="M884 256h-75c-5.1 0-9.9 2.5-12.9 6.6L512 654.2 227.9 262.6c-3-4.1-7.8-6.6-12.9-6.6h-75c-6.5 0-10.3 7.4-6.5 12.7l352.6 486.1c12.8 17.6 39 17.6 51.7 0l352.6-486.1c3.9-5.3.1-12.7-6.4-12.7z"></path></svg></i></span></p> <!----></section></li></ul></aside> <main class="page"> <div class="theme-antdocs-content content__default"><h1 id="nginx配置https-安装ssl证书"><a href="#nginx配置https-安装ssl证书" class="header-anchor">#</a> Nginx配置HTTPS/安装SSL证书</h1> <!----> <blockquote><p>本篇博文记录一下给博客域名<s>即本站</s><strong>配置HTTPS/SSL证书的过程</strong>。</p></blockquote> <h2 id="一、http与https"><a href="#一、http与https" class="header-anchor">#</a> 一、HTTP与HTTPS</h2> <h3 id="http"><a href="#http" class="header-anchor">#</a> HTTP</h3> <p>HTTP协议（即<code>HyperText Transfer Protocol</code>，超文本传输协议）<strong>基于TCP/IP通信协议来进行通信</strong>，它的缺点是<font color="#FF0000">所有信息明文传播</font>，这带来了风险，<strong>第三方攻击者可以依此窃取信息、篡改信息、伪造身份参与通信</strong>。</p> <h3 id="https"><a href="#https" class="header-anchor">#</a> HTTPS</h3> <p>既然信息不安全，是明文传递的，那就加密传递，<strong>通信双方的信息不仅加密</strong>，还要<strong>校验通信双方的身份</strong>。这就是<strong>SSL/TLS</strong>协议，和基于该协议的HTTPS。</p> <h3 id="ssl-tls运行过程"><a href="#ssl-tls运行过程" class="header-anchor">#</a> SSL/TLS运行过程</h3> <p>访问网站时浏览器会向服务器获取<code>公钥</code>，使用<code>公钥</code>加密通信内容，服务器接收到加密后的内容后使用<code>私钥</code>进行解密。</p> <div class="custom-block tip"><p class="custom-block-title">P.S.</p> <ul><li><p>👉 <strong>SSL/TLS协议运行机制</strong>参考<a href="#%E4%BA%94%E3%80%81%E5%8F%82%E8%80%83%E8%B5%84%E6%96%99">文末链接[1]</a>。</p></li> <li><p>👇 未设置证书时为HTTP协议，浏览器会提示<font color="#FF0000">此为不安全连接</font>。。</p></li></ul> <p><img src="/images/other/aboutdeploy/nginx-config-https-02.png" alt="nginx-config-https-02"></p></div> <h2 id="二、申请ssl-tls证书"><a href="#二、申请ssl-tls证书" class="header-anchor">#</a> 二、申请SSL/TLS证书</h2> <p>在<strong>企鹅云</strong>上搜索<code>SSL证书</code>然后走申请流程，大概<strong>半天</strong>就会下来。😁</p> <p><img src="/images/other/aboutdeploy/nginx-config-https-01.png" alt="nginx-config-https-01"></p> <p>上图中点击<strong>下载</strong>，包里有下图所示的文件👇 。</p> <p>我是用Nginx做的代理，Nginx包里有两个文件，<code>.crt</code>为<strong>网站域名的签名证书</strong>，即<code>公钥</code>，<code>.key</code>则为<code>私钥</code>。</p> <blockquote><p><img src="/images/other/aboutdeploy/nginx-config-https-03.png" alt="nginx-config-https-03"> <img src="/images/other/aboutdeploy/nginx-config-https-04.png" alt="nginx-config-https-04"></p></blockquote> <h2 id="三、配置nginx"><a href="#三、配置nginx" class="header-anchor">#</a> 三、配置Nginx</h2> <h3 id="查看nginx配置"><a href="#查看nginx配置" class="header-anchor">#</a> 查看Nginx配置</h3> <p>在Nginx中配置HTTPS/SSL需要开启<code>http_ssl_module</code>模块。接下来查看<strong>服务器安装的Nginx已安装的模块</strong>。</p> <div class="language-shell line-numbers-mode"><pre class="language-shell"><code>nginx <span class="token parameter variable">-v</span> <span class="token comment"># 查看版本</span>
nginx <span class="token parameter variable">-V</span> <span class="token comment"># 是大写的V</span>
</code></pre> <div class="line-numbers-wrapper"><span class="line-number">1</span><br><span class="line-number">2</span><br></div></div><p><img src="/images/other/aboutdeploy/nginx-config-https-05.png" alt="nginx-config-https-05"></p> <p>已经安装了<code>http_ssl_module</code>模块，如果没有安装，需要重装Nginx。</p> <p>重装解决方案参考<a href="#%E4%BA%94%E3%80%81%E5%8F%82%E8%80%83%E8%B5%84%E6%96%99">文末链接[2]</a>。</p> <h3 id="将公私钥上传到服务器"><a href="#将公私钥上传到服务器" class="header-anchor">#</a> 将公私钥上传到服务器</h3> <p>我通过<strong>服务器安装的宝塔面板带的FTP</strong>将公私钥上传到服务器，地址是在<code>../nginx/ssl/</code>，在安装的Nginx的根目录下创建了一个<code>ssl</code>目录。</p> <p><img src="/images/other/aboutdeploy/nginx-config-https-06.png" alt="nginx-config-https-06"></p> <p><img src="/images/other/aboutdeploy/nginx-config-https-07.png" alt="nginx-config-https-07"></p> <h3 id="修改nginx-conf"><a href="#修改nginx-conf" class="header-anchor">#</a> 修改<code>nginx.conf</code></h3> <p>配置好后需要重启Nginx。</p> <details class="custom-block details"><summary>展开查看nginx.conf配置</summary> <div class="language-nginx line-numbers-mode"><pre class="language-nginx"><code>...
<span class="token directive"><span class="token keyword">server</span></span>
    <span class="token punctuation">{</span>
      <span class="token directive"><span class="token keyword">listen</span> <span class="token number">443</span> ssl</span><span class="token punctuation">;</span>
      <span class="token directive"><span class="token keyword">server_name</span> tourist17846.cn www.tourist17846.cn</span><span class="token punctuation">;</span>

      <span class="token comment">#证书</span>
      <span class="token directive"><span class="token keyword">ssl_certificate</span> /nginx/ssl/www.tourist17846.cn_bundle.crt</span><span class="token punctuation">;</span>
      <span class="token comment">#私钥</span>
      <span class="token directive"><span class="token keyword">ssl_certificate_key</span> /nginx/ssl/www.tourist17846.cn.key</span><span class="token punctuation">;</span>
      <span class="token comment"># TLS协议版本</span>
      <span class="token directive"><span class="token keyword">ssl_protocols</span> TLSv1 TLSv1.1 TLSv1.2</span><span class="token punctuation">;</span>
      <span class="token comment">#配置会话超时时间</span>
      <span class="token directive"><span class="token keyword">ssl_session_timeout</span>  <span class="token number">5m</span></span><span class="token punctuation">;</span>
      <span class="token directive"><span class="token keyword">ssl_ciphers</span> ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE</span><span class="token punctuation">;</span>
      <span class="token comment">#优先采取服务器算法</span>
      <span class="token directive"><span class="token keyword">ssl_prefer_server_ciphers</span>  <span class="token boolean">on</span></span><span class="token punctuation">;</span>
      <span class="token comment">#设置长连接</span>
      <span class="token directive"><span class="token keyword">keepalive_timeout</span>   <span class="token number">70</span></span><span class="token punctuation">;</span>
      <span class="token comment">#减少点击劫持</span>
      <span class="token directive"><span class="token keyword">add_header</span> X-Frame-Options DENY</span><span class="token punctuation">;</span>
      <span class="token comment">#禁止服务器自动解析资源类型</span>
      <span class="token directive"><span class="token keyword">add_header</span> X-Content-Type-Options nosniff</span><span class="token punctuation">;</span>
      <span class="token comment">#防XSS攻击</span>
      <span class="token directive"><span class="token keyword">add_header</span> X-Xss-Protection <span class="token number">1</span></span><span class="token punctuation">;</span>

      <span class="token directive"><span class="token keyword">location</span> /</span> <span class="token punctuation">{</span>
        <span class="token directive"><span class="token keyword">root</span>   /my-blog</span><span class="token punctuation">;</span>
        <span class="token directive"><span class="token keyword">index</span>  index.html index.htm</span><span class="token punctuation">;</span>
      <span class="token punctuation">}</span>

      <span class="token directive"><span class="token keyword">error_page</span>  <span class="token number">404</span>              /404.html</span><span class="token punctuation">;</span>

      <span class="token directive"><span class="token keyword">error_page</span>   <span class="token number">500</span> <span class="token number">502</span> <span class="token number">503</span> <span class="token number">504</span>  /50x.html</span><span class="token punctuation">;</span>
      <span class="token directive"><span class="token keyword">location</span> = /50x.html</span> <span class="token punctuation">{</span>
        <span class="token directive"><span class="token keyword">root</span>   html</span><span class="token punctuation">;</span>
      <span class="token punctuation">}</span>
    <span class="token punctuation">}</span>

<span class="token comment"># 服务代理，将访问80端口的http请求转向https</span>
<span class="token directive"><span class="token keyword">server</span></span>
    <span class="token punctuation">{</span>
      <span class="token directive"><span class="token keyword">listen</span> <span class="token number">80</span></span><span class="token punctuation">;</span>
      <span class="token directive"><span class="token keyword">server_name</span> tourist17846.cn www.tourist17846.cn</span><span class="token punctuation">;</span>
      <span class="token directive"><span class="token keyword">return</span> <span class="token number">301</span> https://<span class="token variable">$host</span><span class="token variable">$request_uri</span></span><span class="token punctuation">;</span>
    <span class="token punctuation">}</span>
...
</code></pre> <div class="line-numbers-wrapper"><span class="line-number">1</span><br><span class="line-number">2</span><br><span class="line-number">3</span><br><span class="line-number">4</span><br><span class="line-number">5</span><br><span class="line-number">6</span><br><span class="line-number">7</span><br><span class="line-number">8</span><br><span class="line-number">9</span><br><span class="line-number">10</span><br><span class="line-number">11</span><br><span class="line-number">12</span><br><span class="line-number">13</span><br><span class="line-number">14</span><br><span class="line-number">15</span><br><span class="line-number">16</span><br><span class="line-number">17</span><br><span class="line-number">18</span><br><span class="line-number">19</span><br><span class="line-number">20</span><br><span class="line-number">21</span><br><span class="line-number">22</span><br><span class="line-number">23</span><br><span class="line-number">24</span><br><span class="line-number">25</span><br><span class="line-number">26</span><br><span class="line-number">27</span><br><span class="line-number">28</span><br><span class="line-number">29</span><br><span class="line-number">30</span><br><span class="line-number">31</span><br><span class="line-number">32</span><br><span class="line-number">33</span><br><span class="line-number">34</span><br><span class="line-number">35</span><br><span class="line-number">36</span><br><span class="line-number">37</span><br><span class="line-number">38</span><br><span class="line-number">39</span><br><span class="line-number">40</span><br><span class="line-number">41</span><br><span class="line-number">42</span><br><span class="line-number">43</span><br><span class="line-number">44</span><br><span class="line-number">45</span><br><span class="line-number">46</span><br><span class="line-number">47</span><br></div></div></details> <h2 id="四、解决问题"><a href="#四、解决问题" class="header-anchor">#</a> 四、解决问题</h2> <blockquote><p>以下是爬坑问题记录📝。</p></blockquote> <h3 id="_1-端口不能配80"><a href="#_1-端口不能配80" class="header-anchor">#</a> 1.端口不能配<code>80</code></h3> <p><img src="/images/other/aboutdeploy/nginx-config-https-08.png" alt="nginx-config-https-08"></p> <p>上图就是我配<code>80</code>端口给的提示，这里需要配置<strong>支持HTTPS</strong>协议的端口，默认是<code>443</code>。</p> <p><img src="/images/other/aboutdeploy/nginx-config-https-09.png" alt="nginx-config-https-09"></p> <h3 id="_2-配置好了不能访问"><a href="#_2-配置好了不能访问" class="header-anchor">#</a> 2.配置好了不能访问</h3> <blockquote><p>写好了配置文件，也重启了Nginx，Nginx没有报错，<strong>浏览器访问不了</strong>。。</p> <p>这个问题困扰了两个晚上，直到第二个晚上才解决。</p></blockquote> <p>在浏览器中输入域名，发现已经转到了<code>https://...</code>，但是<strong>浏览器却提示无法访问</strong>。</p> <p>这说明配置没问题。<strong>接下来把排查重点放在了服务器的安全组</strong>，查看发现腾讯云的安全组已配置<code>443</code>端口。。</p> <p>👉 一时间解决不了，直到后来打开<strong>宝塔面板</strong>，发现上面有一个<code>防火墙</code>。试着把<code>443</code>加入<strong>放行端口列表</strong>，终于成功了。。🤣</p> <p><img src="/images/other/aboutdeploy/nginx-config-https-10.png" alt="nginx-config-https-10"></p> <p><img src="/images/other/aboutdeploy/nginx-config-https-11.png" alt="nginx-config-https-11"></p> <h2 id="五、参考资料"><a href="#五、参考资料" class="header-anchor">#</a> 五、参考资料</h2> <ul><li>1.<a href="http://www.ruanyifeng.com/blog/2014/02/ssl_tls.html" target="_blank" rel="noopener noreferrer">SSL/TLS协议运行机制的概述 - 阮一峰<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li> <li>2.<a href="https://blog.csdn.net/weixin_37264997/article/details/84525444" target="_blank" rel="noopener noreferrer">Nginx 配置 HTTPS 完整过程<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li> <li>3.<a href="https://cloud.tencent.com/document/product/400/35244" target="_blank" rel="noopener noreferrer">Nginx 服务器证书安装 - 腾讯云<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li></ul></div> <footer class="page-edit"><!----> <div class="last-updated"><span class="prefix">Last Updated:</span> <span class="time">2 years ago</span></div></footer> <div class="page-nav"><p class="inner"><span class="prev"><a href="/blog/other/aboutdeploy/nginx-proxy-resource.html" class="prev"><i aria-label="图标: left" class="anticon anticon-left"><svg viewBox="64 64 896 896" focusable="false" data-icon="left" width="1em" height="1em" fill="currentColor" aria-hidden="true"><path d="M724 218.3V141c0-6.7-7.7-10.4-12.9-6.3L260.3 486.8a31.86 31.86 0 0 0 0 50.3l450.8 352.1c5.3 4.1 12.9.4 12.9-6.3v-77.3c0-4.9-2.3-9.6-6.1-12.6l-360-281 360-281.1c3.8-3 6.1-7.7 6.1-12.6z"></path></svg></i>
        使用Nginx代理访问图片等资源
      </a></span> <span class="next"><a href="/blog/other/aboutdeploy/auto-deploy-nodejs.html">
        Node.js + GitHub Webhooks实现自动化部署
        <i aria-label="图标: right" class="anticon anticon-right"><svg viewBox="64 64 896 896" focusable="false" data-icon="right" width="1em" height="1em" fill="currentColor" aria-hidden="true"><path d="M765.7 486.8L314.9 134.7A7.97 7.97 0 0 0 302 141v77.3c0 4.9 2.3 9.6 6.1 12.6l360 281.1-360 281.1c-3.9 3-6.1 7.7-6.1 12.6V883c0 6.7 7.7 10.4 12.9 6.3l450.8-352.1a31.96 31.96 0 0 0 0-50.4z"></path></svg></i></a></span></p></div> </main> <!----></div><div class="global-ui"><div id="loading-mask"><div class="loading-wrapper"><span class="loading-dot loading-dot-spin"><i></i> <i></i> <i></i> <i></i></span></div></div><div id="live2d-widget" class="live2d-widget-container" style="position:fixed;right:10px;bottom:60px;width:135px;height:300px;z-index:99999;opacity:0.8;pointer-events:none;"><canvas id="live2d_canvas" width="135" height="300" class="live2d_canvas" style="position:absolute;left:0px;top:0px;width:135px;height:300px;"></canvas></div></div></div>
    <script src="/assets/js/app.dfe2ff49.js" defer></script><script src="/assets/js/3.bd810dc8.js" defer></script><script src="/assets/js/4.7eb6bf85.js" defer></script><script src="/assets/js/101.6d8bb072.js" defer></script>
  </body>
</html>